New research has revealed that local authorities in the UK are putting the personal data of more than 3.5 million citizens at risk by not having a Disaster Recovery (DR) plan in place.

A freedom of information act (FOIA) request by storage solutions provider FalconStor Software to 429 local authorities found that more than 50% of councils will make no further investment in DR this year.

The research also discovered that 4% of authorities will decrease investment on recovery, despite the threat posed by issues like human error and ransomware.

In the past year, 85% of councils have not had to use their DR plan, making it harder to know whether or not the plan is effective or how much time it takes to recover data.

Nearly two-thirds of councils (63%) have a minimum target time in which to recover lost information.

About 5% of those respondents intend to have data back in one to two hours, 10% in half a day and the rest in a day or more. 52% of those polled replied that they do not plan to change their budgetary allocations on data recovery and 22% said they are not sure whether or not any changes in the allocation were proposed.

The research showed that about 93% of local government bodies have stated that they have a DR plan in place and 6% do not. The remaining 1% stated that they did not know about any plans being in place.

FalconStor CEO Gary Quinn said: “It’s encouraging to see the majority of councils have realised the importance of having Disaster Recovery plans in place. However, this research does highlight that more work needs to be done both in implementing plans and testing them thoroughly.

“Cyber threats are continuing to evolve and human error and natural disasters are not going anywhere – so it is important that public bodies and organisations alike don’t stand still when it comes to protecting data. Having a central resource such as FreeStor to manage your Disaster Recovery plan across multiple departments is key to protecting public information.”